Security researchers have demonstrated a gaping security hole in Chip and PIN
credit card authorisations which undermines trust in the technology as a means
to verify retail purchases.
Cambridge University security researchers have demonstrated how it might be
possible to trick the card into thinking it’s doing a chip-and-signature
transaction while the terminal thinks it’s authorised by chip-and-PIN. The flaw
creates a means to make transactions that are "Verified by PIN" using a stolen (uncancelled)
card without knowing the PIN number.